Sales
Denmark +45 7944 7000
Europe +45 7944 7000
North America +1 (202)-536-4165
Support
Denmark +45 7944 7002
North America +1 (202)-536-4165

GDPR - Add-On Products handling of personal confidential data

Modified on Thu, 22 Aug at 11:26 PM

Add-On Products STAFF CODE OF CONDUCT

To ensure staff members are effectively informed of what is required of them, Add-On Products has a Staff Code of Conduct (code) that identifies legal requirements and best practice.

The code applies to all  staff groups: Management, Marketing, Sales, Support and Professional Services

The code is set out as follows: 

1. Justify the purpose(s) 

2. Don’t use personal confidential data unless it is absolutely necessary 

3. Use the minimum necessary personal confidential data

4. Access to personal confidential data should be on a strict need-to-know basis 

5. Everyone with access to personal confidential data must be aware of their responsibilities 

6. Comply with the law and GDPR principles

Add-On Products systems and processes for protecting personal information include all safe haven procedures, e.g. for answering telephone queries or receiving personal confidential information, any information sharing protocols agreed with external organizations, encryption requirements for equipment and secure transfers of personal information.

Add-On Products will ensure that all staff members are aware of the possible disciplinary sanctions for failure to comply with their responsibilities, e.g. deliberately looking at records without authority; discussion of personal details in inappropriate venues; transferring personal information electronically without encrypting it, etc. Sanctions can include disciplinary action, ending a contract, dismissal, or bringing criminal charges

Add-On Products ensures that staff is effectively informed about the code, and that it is communicated to new clients.

Add-On Products STAFF GROUP SPECIFICS

Support personnel maintains security procedures for handling personal confidential information including procedures for deleting client databases and other data received during incident management and problem management activities.

Professional Services personnel maintains security procedures for handling personal confidential information including procedures for deleting information received during Configuration and Training sessions and when assisting incident management and problem management activities.

 

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article